Basic principles are basic, and standard/procedure-oriented. And even if you quote some popular principles it won't be enough. Time and accessibility would always be sacrificed.
I think you mean the details and not the choice of application.
Not enough to give factual details but enough for me to stand what I believe. Not that I'm really going far as to really prove it. I already gave the concept. Prove it wrong if you want to prove me wrong.

Yeah right. Can you even tell how a malware would propagate that you could compare it to XP?

Like the way of chroot jailing and SELinux as I applied it to servers yes. Certainly it's already known widely. But security is not all about limiting access. Some methods are even more effective without sacrificing accessibility. Those you refer to are just basics.

The main reason for the widespread deployment of malware on Windows XP was that the default user automatically had administrator priveleges. Any exploit for software facing the net (mail clients, browsers, chat clients, ...) had not to circumvent any restrictions to install and run itself on the machine. Why would you think that this is different on a Linux machine running the software exposed to the net as root?

So your concept, although you won't prove it, is good enough to compete with the concepts designed and proven by generations of security experts, although you admit that you have not researched this topic very deeply? That is interesting.
By the way, I don't have to prove you wrong, usually the burden of proof is on the one who makes the claims.

On Linux with root user running a vulnerable client of course it would be breached, but how would a breached client be able to breach another one? Can that affect a significant amount of distros which are also running as root that you could say that the effect is widespread? Of course you wouldn't think services are running as root as well.
It's not that I'm thinking that they're doing another method. Or do you mean they came up with a better solution? The two major possible designs are just obvious. One is separation by environment. Second is micro-control in every API service. And the latter was the one one I'm referring to as a hack.

That is why I said that it is luck that only a small percentage of users have your usage habits. Otherwise we would have the same situation as XP.

Most are not, especially those that are offered to the net.

Do I understand that right? You prefer a totally insecure system to one that uses a method you consider as hack?

Again, users in Linux running as root is not enough to give devastating damages as much as what happened to XP.What I mean is that even if you favor running GUI as root, it's not necessary that services would follow as well.
It's not always an insecure system for capable users with control. Insecurity is not even a question sometimes. The better way to put it is that I would prefer taking controlled and not-really-applicable risks than using those methods if I am to gain easier and less expensive accessibility.

The thing is that there are situations where being careful is not necessary, and there are also situations where being hacked as a normal user is just as damaging as being hacked as root.

No, you would also need the developers to write exploits for it. which wouldn't take very long if all people would use your security scheme.

Services are usually not started by the GUI, so of course they would not be run as root because you choose to run the GUI with that user. But any application that you start from within the GUI will run as root in that case. You don't tell me that if you do admin tasks and have to look up some documentation on the net first logout of the root GUI, do your researches with a browser form an unprivileged account and then login back as root, just to finf out that the approach does not work and you have to do that procedure again?
Or do you start the browser as unprivileged user using one of the "hacks"?

True, but if your normal user and root are one and the same this doesn't apply anymore, just because all situations are as damaging as being hacked as root. Just because there is the possibility that someone breaks a locked door the logical conclusion is not to don't use locks.

Still after they had written those it still won't be enough to give that much damage. You're missing a crucial factor which can never appear in Linux as compared to XP. At least it can never be that close as how things are arranged.
Not always especially on services.
Do you really think it's necessary to not run the browser as root? Are all source sites that dangerous, and if there are exploitive ones would they be even always effective against your own client? What's the significance of it if your browser cannot or will not be breached at all?
Just shows how closed your perception about the matter is that you wouldn't even think of other possibilities other than the obvious.If I am to make a reply I would answer the same answer again. I guess that concludes the difference of our beliefs. Again it's about the other benefits one would choose over unnecessary insecurity and indeed there are reasons as to use GUI as root compared to what you stated that I find absolutely conservative.

Instead of making vague statements, just come out with it directly: Why do you think that an successful attack against root on a Linux system would be less harmful or more restricted than a successful attack on a XP user with admin privileges.

As I stated before, services usually are not started from the GUI itself. I am talking about the applications that are running within the GUI, browser, chat-clent, VLC, whatever.

No, i don't believe that. It is a fact that it exposes security risks to do that. This is a technical matter, not religion or philosophy, believes don't have a place here, knowledge has.

We had hacks in the last time against FreeBSD, against the kernel.org site and what not. You simply can't know which site may contain malicious code. regarding the client, nowadays most browsers are either based on Mozilla's engine, on the Webkit engine or are named Opera. What make you think that your browser is not attackable on that base?

A browser that can not be breached must by definition be a browser without any flaw in design and implementation. Such a browser does not exist.

Again, don't be vague, if you have something to say come out with it. I am open to anything that makes sense and it is possible to convince me.

But you still did not come up with any good reason to use a GUI as root, besides laziness and a possibly slightly larger footprint of applications that are running as a different user in the GUI. Both reasons are not important enough to trade security in for them.

There is no such thing as granting or being granted responsibility: you either are or you are not. Everyone is responsible for their own systems but once a system shares a network it becomes responsible for its interaction with other systems. When an owner does not act responsibly that system becomes a potential risk. So advertise corruption, misconceptions, hell, even offer arguments of questionable relevance all you want.
In turn I'll just point out completely avoidable risks.
Cause and effect.

Just on the user's own system no there's no difference. What I had been trying to explain was how one malware could rapidly expand from client to client. It's only possible if it knows how to exploit many versions of client softwares varying from one Linux system to another. At least it would be not always as easy as compared to XP in which its own services itself are the ones which are vulnerable and that packages always have single source of builds. We haven't even considered how it would affect Linux systems that implement other security measures which are not based on the user.
It's not if you include the factor called smart probability.
Yes considered that but I don't think it could create a parasite that would infect my client - after all I run a natively compiled browser with not too common compile flags. Not to mention if I add more security implementations which are not user-based. I also doubt that malwares on servers stay long - at least not significantly often.
If we measure as far as its plugins and flaws in script handling then browsers are vulnerable alright but those things rarely happen now. Most common effective methods for creating successful attacks against browsers are by buffer overlow exploits and the likes, but even them are no longer easy since software versions and builds vary from time to time. For someone like me who compiles my packages natively by default it's just unlikely. And how about other security measures like grsecurity, NX/PAX, hardened compiler, other kernel patches, etc. Thing is I've been running browsers as root for a long time already and I never had a problem. And I do from time to time give minimal assessment if my system is breached. I do consider the possible sneaky attempts if a malware would hide itself just in case you doubt that.

Alright I'll give an example. If your documents are as good as or is more important than your easy-to-restore system would it even matter being root or not when they're breached? Let's assume that you're not on any network that there's a possibility that you would affect other users. Would you even say that users has to learn how to hide their often-accessed files somewhere in a filesystem with disarray and obscurification.
Well that's up to you. I've said enough.Laziness is only laziness if the task in question is significant and/or necessary. And security is only significant if something is needed to be secured and is vulnerable. Those are my opinion for this context. And saying "You'll never know what's coming to you.", well that's already a choice as how you observed things.

You have valid points when you compile your software yourself with an eye to security checks and hardening the system. This will in fact to some extent minimize the risks of possible attacks for your system. It is harder to break into your system, but not impossible, so you could get even better security with building another wall with running your system as user with the least necessary privileges.
As I see it we both have a different approach to security (although I still would not call insisting on the principles I pointed to earlier conservative) and we both have valid points in our approach. So discussing this endlessly will not bring any of us any further.

Let me go back to my sentence that initially started the discussion between us:I will rephrase that to This is unarguably the case most of the time when this question is asked on a forum and to those asking that question it should be made clear that it is a bad idea to run their specific systems as root, with an explanation why that is the case and a pointer to information about basic security principles.

Thanks its work for me.

Great POST

Hope this could help you out.

The first half of the opening sentence in that link: I cannot help wondering how many idiots there are out there who think running their systems as root make them hackers. It reminds me of the fools who believe painting pin stripes on their cars make them race care drivers.

2 members found this post helpful.

That helps no-one.

Kind of like...

If you want to think of yourself as a hacker, you must first learn the most simple and basic of principles of how things work, and why!

I agree with Randicus - this is idiotic advice and the reason given in the article for running something as root is simply wrong, incorrect, stupid, moronic even... might even be considered a malicious posting!

Please do not post wrong, incorrect and harmful information as "helpful", it helps no one and only poisons the knowledge pool.